Malware Analysis
binary-security

A command-line program for finding secrets and sensitive information in textual data and Git history.

A deserialization payload generator for .NET formatters

A collection of Yara rules for identifying malicious PEs with unique or suspicious PDB paths.

xocopy

Copy executables that have execute but no read permission on Unix systems.

YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.

Generates a YARA rule to match basic blocks of the current function in IDA Pro

A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.

CFR

Java decompiler for modern Java features up to Java 14.

A collection of resources for beginners to learn assembly language.

A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.

angr

angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.

lw-yara

A Yara ruleset for detecting PHP shells and other webserver malware.

Ropper

Ropper is a tool for analyzing binary files and searching for gadgets to build ROP chains for different architectures.

Online Java decompiler tool with support for modern Java features.

A software reverse engineering framework with full-featured analysis tools and support for multiple platforms, instruction sets, and executable formats.

Binwalk

Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images; its project page carries security notices and a Python 2.7 deprecation notice.

Yara mode for GNU Emacs to edit Yara related files

PLASMA

PLASMA is an interactive disassembler with support for various architectures and formats, offering a Python API for scripting.

UDcide

UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.

VxSig

VxSig is a tool to automatically generate AV byte signatures from similar binaries.

Original SmaliHook Java source for Android cracking and reversing.

Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.

dnSpy

Debugger and .NET assembly editor with advanced debugging features.

A tool that executes programs in memory from various sources

GuardDog is a CLI tool for identifying malicious PyPI and npm packages through heuristics and Semgrep rules.

A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.

Binkit

Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.

Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.

Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.

floss

A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.

A Linux process injection tool that injects shellcode into a running process

Tool for decompressing malware samples to run Yara rules against them.

A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

A de-obfuscator for M/o/Vfuscator, a notorious obfuscator, designed to reverse the effects of M/o/Vfuscator's obfuscation.

A freeware suite of tools for PE editing and process viewing, including CFF Explorer and Resource Editor.

Search gadgets on binaries to facilitate ROP exploitation.

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

IDA Pro plugin for finding crypto constants

readpe

A tool for reading Portable Executable (PE) files with detailed information about the file structure.

Python wrapper for the Libemu library for analyzing shellcode.

Apktool

A tool for reverse engineering Android apk files.

A static analysis tool for PE files that detects malicious behavior and provides information for manual analysis.

PEview

A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.

VolatilityBot automates binary extraction and memory analysis, including detecting code injections and strings.

Checksec is a bash script to check the properties of executables like PIE, RELRO, Canaries, ASLR, Fortify Source.

Redexer

Redexer is a reengineering tool for Android app binaries with features like RefineDroid and Dr. Android.

Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.

A tool to locally check for signs of a rootkit with various checks and tests.

A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.

JD-GUI

Standalone graphical utility for viewing Java source code recovered from ".class" files.

Scans running processes for potentially malicious implants and dumps them.

RetDec

RetDec is a versatile machine-code decompiler with support for various file formats and architectures.

A library for running basic functions from stripped binaries, cross-platform.

A tool for malware analysts to search through base64-encoded samples and generate yara rules.

Kaitai Struct is a declarative language for describing binary data structures.

FLARE Obfuscated String Solver (FLOSS) automatically extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.

yextend

A tool designed to handle archive file data and augment Yara's capabilities.

PinCTF

PinCTF is a tool that uses Intel's Pin tool to instrument binaries under reverse engineering and count executed instructions.

capa

Detect capabilities in executable files and identify potential behaviors.